package com.dgut.epidemic.config;

import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;

/**
 * Author: wuhaoduan
 * Date: 2021/6/5 11:38
 */
@Configuration(proxyBeanMethods = false)
@RequiredArgsConstructor
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    final UserDetailsService userDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/admin/**").hasAnyRole("ADMIN", "ROOT")
                .antMatchers("/adminManger/message").hasAnyRole("ADMIN", "ROOT")
                .antMatchers("/userManger/**").hasAnyRole("ADMIN", "ROOT")
                .antMatchers("/root/**").hasAnyRole("ROOT")
                // 自定义登录界面
                .and().formLogin()
                    .loginPage("/admin/login").permitAll()
                    // 设置成功后跳转的页面
                    .defaultSuccessUrl("/admin").and()
                // 自定义退出登录请求Url、成功退出登录后的重定向Url
                .logout()
                    .logoutUrl("/admin/logout").permitAll()
                    .logoutSuccessUrl("/admin/login?logout");

        http.csrf().disable();
        http.headers().frameOptions().disable();
    }

}
